7de25c2a6ace22c4116fc417a7aaf484 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7de25c2a6ace22c4116fc417a7aaf484
Size

6.7MB
MD5

7de25c2a6ace22c4116fc417a7aaf484
SHA1

0d5a0790205d3a9c20f523151d2b34eb2ab14228
SHA256

0622eaee736444a2517651b95cde7447bc8e3103fc3867dabdbd1879ef8c9c20
SHA512

52a28ed655e0877b806921d87b3269fd20f4a05bc0cd72856beb46460aa7f8ad46d104ba52bff24720f44dc4b272bc3995273fadac4aec4810a2003ae8a0ddf1
SSDEEP

98304:LXu0Xok///w5t9j4YeyaZicB6WwkW/KnnvVJlrS8tw4SGGWdJv0C1Alu630KC1X6:LXykQ9EYoSk5vVnPw4SmiG3hvBOMK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xyyk.exe

Files

7de25c2a6ace22c4116fc417a7aaf484
.rar
xyyk.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url